[strongSwan] Strongswan 4.5.2 sending IKEv2_INFORMATIONAL_REQUEST with wrong flags
tobias at strongswan.org
Fri Sep 7 15:57:35 CEST 2012
> I am talking about the INFORMATIONAL Delete Request for the old Child SA.
> The flags are all Zero i.e 0x00.
What's wrong with that? It is clearly a request so the response flag is
zero and if strongSwan was the initial responder (i.e. it did *not*
initiate the IKE_SA) then the initiator flag must also be zero (you did
not write if strongSwan was initiator or not) - this flag could only
change when the IKE_SA is rekeyed (not when CHILD_SAs are rekeyed). The
version flag is always zero for IKEv2 and the rest of the bits are
reserved and zero too.
More information about the Users